PATENT 

REMARKS 

Claims 1, 4, 6-11, 14-20, 22, 24-31 and 34-49 are pending in the application. 
Claims 1, 4, 6-11, 14-20, 22, 24-31 and 34-49 stand rejected. 
Claims 18, 28, 38 and 48 stands objected to. 
Claims 1, 7-8, 10, 20, 30 and 40 have been amended. 

Allowable Subject Matter 

In the present Office Action, claims 18, 28, 38 and 48 were objected to as being 
dependent up on rejected base claims, but indicated as being allowable if rewritten in 
independent form and the rejections under 35 U.S.C. §101 overcome. Applicant wishes 
to express his appreciation for the Examiner's indication of allowability. However, 
Applicant has elected not to rewrite the indicated claims in independent form at this time. 
Applicant reserves the right to submit one or more claims including the claim elements 
indicated as allowable by the Examiner in a subsequent response. 

Rejection of Claims under 35 U.S.C. §101 

Claims 1, 4, 6-7, 30-31, 34-41, 43-49 remain rejected under 35 U.S.C. § 101 as 
being directed to non-statutory subject matter. Applicant has amended independent 
certain of these claims, among others of the claims, in part to address this rejection, and 
so respectfully submit that this rejection is overcome thereby. 

With regard to claims 1, 4 and 6-7, Applicant, as an initial point, respectfully 
maintains that these claims are indeed statutory. Applicant respectfully observes that, in 
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not rejecting claims 8 and 9, the Office Action recognizes that, at the least, the use of a 
content addressable memory indicates as much. Further, Applicant respectfully submits 
that claim 6 is directed, in pertinent part, to a router, and claim 7, in pertinent part, to a 
lookup unit, both of which are hardware devices. In this regard, Applicant respectfully 
submits that the recognition that a router is a hardware device necessarily recognizes that 
a network device (an example of which is a router) is also a hardware device. However, 
in the spirit of advancing prosecution, Applicant has amended claim 1 to include a 
network interface, and so quell any disagreement as to the nature of the claimed network 
device or tunnel classification stage. 

With regard to claims 30-31 and 34-41, Applicant respectfully maintains that 
these claims are indeed statutory. Applicant respectfully observes that, in rejecting these 
claims, the Office Action notes that "... although some claims . . . suggests [sic] that 
software is 'executable on a computer system' . . . , this does not alleviate the requirement 
of the software to be stored in hardware (e.g., RAM, disk, etc.) in order to meet the 
patentability requirements" (Office Action, p. 3) and that "Computer software must be 
embodied on computer readable media." Applicant respectfully submits that claims 30- 
31 and 34-41 do indeed recite such a limitation. To wit, from claim 30, the claimed 
computer program product comprises: 

66 

computer readable storage media, wherein said computer program product is 

encoded in said computer readable storage media." 
(Emphasis supplied) 
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Applicant respectfully submits that the rejection of claims 30-31 and 34-41 is addressed 
thereby. 

With regard to claims 43-49, Applicant respectfully maintains that these claims 
are indeed statutory. Applicant respectfully observes that at least one (and more 
typically, all) of the means recited in each of these claims finds basis in one or more 
hardware structures of the claimed invention. This being the case, Applicant respectfully 
submits that claims 43-49 are statutory. 

Rejection of Claims under 35 U.S.C. §112 

Claims 8 is rejected under 35 U.S.C. § 1 12, second paragraph, as failing to set 
forth the subject matter which Applicant regards as their invention. Applicant 
respectfully addresses the Examiner's concern as follows. 

Applicant respectfully submits that claim 8 was clear in its earlier-amended state. 
The claimed content-addressable memory had been coupled in a manner that provided 
access to the claimed access control list (ACL). The meaning here is clear. However, 
Applicant has amended claim 8 to simplify its language, while also addressing any 
potential issues of clarity for purposes of examination. In this regard, amended claim 8 
now reads: 

8. The network device of claim 7, wherein said lookup unit comprises: 

an access control list (ACL); and 

a content-addressable memory, wherein 

said content-addressable memory is configured to access said ACL by 
virtue of being configured to 
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generate an index, and 
provide said index to said ACL. 

Applicant respectfully submits that the Examiner's concerns, and so this rejection, are 
addressed thereby. 

Rejection of Claims under 35 U.S.C. §102 

Claims 1, 4, 6-11, 14-17, 19-20, 22, 24-27, 29-31, 34-37, 39-41, 43-47 and 49 
stand rejected under 35 U.S.C. § 102(a) as being anticipated by or, in the alternative, 
under 35 U.S.C. §103(a) as being obvious in view of Ke, U.S. Publication No. 
2003/0041266 (hereinafter referred to as "Ke"). 

While not conceding that the cited reference qualify as prior art, but instead to 
expedite prosecution, Applicant has chosen to respectfully disagree and traverse the 
rejection as follows. Applicant reserves the right, for example, in a continuing 
application, to establish that the cited reference, or other references cited now or 
hereafter, do not qualify as prior art as to an invention embodiment previously, currently, 
or subsequently claimed. 

As an initial matter, Applicant notes that the rejection of the claims includes 
statements to the effect that certain limitations are "inherent" in the claims. Applicant 
again respectfully submits that such rejections are infirm for at least two reasons. First, 
even if such were the case, Applicant respectfully submits that such a rejection is 
inappropriate under 35 U.S.C. § 102(a), as such a rejection requires the combination of 
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Ke and other features, somehow known (or knowable) in the art (points which Applicant 
does not concede). 

Second, "[in] . . . relying on a theory of inherency, the examiner must provide a 
basis in fact and/or technical reasoning to reasonably support the determination that the 
allegedly inherent characteristic necessarily flows from the teachings of the applied prior 
art." Ex parte Levy, 17 U.S.P.Q.2d 1461, 1464 (Bd. Pat. App. & Inter. 1990) (emphasis in 
original). Applicant is unable to find such a demonstration in the Office Action. 

The Office Action states that "... the network device disclosed by Ke . . . 
inherently must have the elements for performing the tasks recited in the claim 
language." Applicant respectfully submits that such a position is tautological. The Office 
Action appears to state that because Ke purportedly anticipates the claimed invention, Ke 
must inherently possess the claimed features. However, to so state is to answer the 
question of anticipation without inquiry as to whether Ke actually anticipates the claimed 
invention (which Applicant maintains Ke does not). 

For example, the Office Action baldly states that "packet classifying and 
processing is carried out by an element reading on the packet processing section and an 
element forwarding the packet reads on the packet processing section. . . . [The] SGI must 
be identified. This task is accomplished by an element reading on a security group 
identification unit." While such might be the case if Ke showed, taught or suggested 
such functions and elements, Ke, in fact, does not. And since no portion of Ke is cited 
for the foregoing proposition (nor, Applicant respectfully submits, could Ke be so cited), 
Applicant respectfully submits that Ke fails in this regard. 
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With further respect to these limitations being well known, as earlier posited, 
Applicant respectfully requests that the Examiner provide an affidavit as to the personal 
knowledge relied on within the meaning of MPEP §2144.03 and 37 C.F.R. §1.107, or 
designate a reference or particular parts of the cited references and the pertinence of each 
reference in support of the rejection as required by 37 C.F.R. 1.106(b), which provides: 
"When a reference is complex or shows or describes inventions other than that claimed 
by the applicant, the particular part relied on must be designated as nearly as practicable. 
The pertinence of each reference, if not apparent, must be clearly explained and each 
rejected claim specified." 

For example, the Office Action simply states that firewalls screen packets. First, 
Applicant respectfully submits that such "screening" is not comparable to the claimed 
classifying, determining and forwarding, among other relevant limitations. Second, even 
if such were the case (which Applicant maintains is not the case), Ke provides no 
enabling teachings of such functionality. Applicant would be most grateful for a 
reference proffered in this regard, showing, teaching or suggesting the limitations of the 
claimed invention. 

Applicant therefore respectfully submits that the information that is asserted to be 
inherent and/or well known is not. Thus, in traversing the foregoing assertions, Applicant 
respectfully requests that a reference be cited in support of this position. If it is the 
Examiner's position that the rejection is based on his personal knowledge, Applicant 
requests that the facts be supported by an affidavit. As no reference is cited with regard 
to these statements, and no Official Notice taken thereof, Applicant respectfully submits 
that the rejection is overcome in this regard, for at least the foregoing reasons. 
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With regard to the independent claims, amended independent claim 1 is 
representative of amended independent claims 10, 20, 30 and 40, and now recites: 

1 . A network device comprising: 

a network interface; and 

a tunnel classification stage, wherein 

said tunnel classification stage is coupled to said network interface, 

said tunnel classification stage comprises 
a packet processing section, 

a security group identifier identification unit, coupled to said 
packet processing section, and 

a tunnel classification unit, coupled to said packet processing 

section and said security group identifier identification unit, 
said security group identifier is configured to identify a security group of a 

sender of said packet, 
said packet processing section is configured to classify a packet based on a 

security group identifier (SGI) of said packet, 
said packet processing section is further configured to forward said packet 

through a tunnel via which said packet is to be forwarded, and 
said packet processing section is further configured use said SGI in 

determining said tunnel. 

Support for the amendments presented herein can still be found at least at paras. 25-36. It 
will be appreciated that certain of the amendments presented herein are editorial in 
nature, and merely reflect changes in wording and the like, rather than changes in 
substance. 

Applicant further respectfully submits that "[a] claim is anticipated only if each 
and every element as set forth in the claim is found, either expressly or inherently 
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described, in a single prior art reference." Verde gall Bros. V. Union Oil Co. of California, 
814 F.2d 628, 631, 2 USPQ2d 1051, 1053 (Fed. Cir. 1987). Applicant respectfully 
submits that the Office Action fails to demonstrate that the reference shows, teaches or 
even suggests several of the foregoing limitations, using claim 23 as an example. To wit: 

said security group identifier is configured to identify a security group of a 
sender of said packet, 

Ke, in the cited portions or elsewhere, insofar as Applicant is able to discern, 
provides no teaching as to a security group identifier, nor to a security group identifier is 
configured to identify a security group of a sender of a packet. No technology even 
comparable to classifying and forwarding (among other of the claimed operations) based 
on a security group identifier configured to identify a security group of a sender of a 
packet, is shown, taught or even suggested by Ke. 

Applicant therefore respectfully submits that the Office Action fails in its burden 
of demonstrating that Ke teaches each and every limitation of the claimed invention 
(under either § 102(e) or, in the alternative, under § 103(a)). This comes as no surprise, in 
fact, because Ke is not directed to the claimed invention, given that Ke is directed to: 

"Methods and apparatus, including computer program products, 
implementing and using techniques for processing a data packet in a 
packet forwarding device. A data packet is received. A virtual local area 
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network destination is determined for the received data packet, and a set of 
rules associated with the virtual local area network destination is 
identified. The rules are applied to the data packet. If a virtual local area 
network destination has been determined for the received data packet, the 
data packet is output to the destination, using the result from the 
application of the rules. If no destination has been determined, the data 
packet is dropped. A security system for partitioning security system 
resources into a plurality of separate security domains that are 
configurable to enforce one or more policies and to allocate security 
system resources to the one or more security domains, is also described." 
(Ke, Abstract) 

As will be appreciated, Ke fails to teach the limitations of the independent claims, 
as Ke is simply directed to packet forwarding. The classifying/forwarding and other 
features of the claimed invention are simply not taught by Ke. For example, in the 
manner previously discussed, Ke is completely oblivious to the use of a security group 
identifier that is configured to identify a security group of a sender of a packet, for at least 
the reasons that Ke is not concerned with the use of security group identifiers, and fails to 
even recognize a security group identifier that is configured to identify a security group 
of a sender of a packet. 

Applicant respectfully submits, therefore, that independent claims 1,10, 20, 30 
and 40, and all claims depending thereon, are allowable over Ke, and so Applicant 
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respectfully urge that the rejection of claims 1,10, 20, 30 and 40, and all claims 
depending thereon, under § 102(e) (and, in the alternative, under § 103(a)) be withdrawn. 
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CONCLUSION 

In view of the amendments and remarks set forth herein, the application is 
believed to be in condition for allowance and a notice to that effect is solicited. 
Nonetheless, should any issues remain that might be subject to resolution through a 
telephonic interview, the Examiner is invited to telephone the undersigned at 512-439- 
5084. 

If any extensions of time under 37 C.F.R. § 1.136(a) are required in order for this 
submission to be considered timely, Applicant hereby petitions for such extensions. 
Applicant also hereby authorizes that any fees due for such extensions or any other fee 
associated with this submission, as specified in 37 C.F.R. § 1.16 or § 1.17, be charged to 
deposit account 502306. 

Respectfully submitted, 

/ Samuel G. Campbell, III / 

Samuel G. Campbell, III 
Attorney for Applicant 
Reg. No. 42,381 
Telephone: (512) 439-5084 
Facsimile: (512)439-5099 
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